Blog

If your data is on a device that’s connected to the internet it’s safe to assume someone will take a hack at it even when you took proper precautions. This is my practical guide for going a step deeper and working on sorta top secret projects. Modify this to suit your needs, and use at your own risk.

Basic rules

Stock up on old computers. A secondhand Thinkpad T460s from eBay is a great choice under $150, but you may have other needs: Something with newer specs, an all-in-one PC, a SoC computer like a Raspberry Pi, a Beaglebone, or an ASUS Tinker Board. Just make sure it can run the software you need and fits your performance profile. Keep in mind you will need to do work on it so get something that won’t give you trouble. Having a variety of computers on hand will give you the opportunity to set up cheap ad-hoc workstations when you need them rather than violating security protocol for convenience.

Have a backup plan. Consider the backup needs of each computer. Not everything will need full disk imaging, but every computer that is backed up should have its own backup media. Consider full-disk encryption on top of encrypted backups.

Dedicate a separate computer for research. Connecting to the internet opens up your entire network to potentially being compromised. Be mindful of the metadata trail that you leave such as search history. Use browsers and search engines that don’t track you like duckduckgo. Use a combination of private VPNs, TOR, or self-hosted proxies to mask yourself further. If you need to download any files make sure you have a procedure in place to sanitize them before bringing them into a safe zone.

Do your actual work on air-gapped devices. This means all your programming and writing work is done on computers that don’t have a network connection. Physically disable wireless by removing the network card. Prefer bootable DVDs and traditional install media for installing software. SoC computers like the Raspberry Pi use SD cards which usually need to be configured on another device. In this case do this from a secured computer. Flying under the radar with internet-free devices such as George RR Martin’s DOS machine might be another good play depending on your needs.

Don’t use email. Use some other protocol for sensitive communication, preferably something with end-to-end encryption like Telegram.

Use isolated networks when needed. If you need to network devices together you should set up a network that only secured devices can connect to. Make sure there’s no path to the internet through any other device that’s connected to this network. Make sure that the networking gear–routers and switches and hubs–all have wireless features disabled so you don’t have any unexpected visitors.

Move swiftly. If your work is worth doing, it’s worth doing fast. Finishing faster means you no longer need the supporting infrastructure and no infrastructure means no attack vector.

Security through obscurity is underrated. Making a virtual hall of mirrors is one part of the security meta-game that’s not given enough credit. Take full advantage of unique configurations to not be noticed, just don’t rely on it solely.

Any time someone tells me about a project they’ve been meaning to get back around to or a project they’ve mothballed I always tell them, “you should start that back up.”

The reaction is mostly universal too:

I don’t have the time.

I just don’t have the energy.

All people do is stuff. You’re either doing something creative, or you’re working, or you’re sleeping, and if not those, you might be keeping busy or sitting around. And if you’re doing those anyway, why not add something to this world?

If you start small you have the greatest chance of success. Write a sentence a day. Journal. Draw a quick sketch every single day. Find art or a skill that intrigues you and take it in. If nothing seems to interest you try to understand the things that you like–maybe that’s beautiful furniture and architecture. Actively curate pictures of it. Read about it, talk to people about it. Email people in the field.

The more you understand it the more you will find you can imitate it and express it in things that you make. Once you have the means and the passion, you won’t have to force yourself. It’ll just happen.

We talked about something geometric, but still very minimal; if it was on the side of a car you’d think that it was going to another planet. This logo would also feature a triangle as part of the theme that I wanted to curate here.

When you’re looking for a designer it’s so easy to just glaze over portfolios, but it’s arguably more vital to hire someone you can understand. There’s a magic that happens between a designer and their client when the client knows what they want and the designer knows how to get there. That communication is the basis for something bigger.

After the second round of ideas I needed about 2 weeks to passively sit with these. We iterated some of them and nothing was clicking. With some time away and fresh eyes I noticed that just the “HAMILTON” in the first row by itself is pretty elegant, and with some more slight alterations this became the wordmark for the site.

Some of the best ideas come by chance, but without the skill driving it ideas have less chance of taking hold. Awesome work Leanne & thanks again.

Search

Search for:

About Me

Mark is an engineer that wants to figure out the universe one big piece at a time.